Gain IT & T Consulting Pty Ltd
ABN: 79 139 732 853
Sydney NSW, Australia
Email: enquiries@gainconsulting.com.au
-
PURPOSE AND SCOPE
Gain IT & T Consulting Pty Ltd (“we”, “our”, “us”) is committed to protecting personal information and handling it in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).
This policy applies to all personal information collected, held, used, and disclosed by us in connection with our consulting services, including engagements with corporations, government agencies, universities, and local councils.
-
DEFINITIONS
Personal Information means information or an opinion about an identified individual, or an individual who is reasonably identifiable.
Sensitive Information includes information such as health, biometric, or other sensitive data as defined under applicable law.
-
TYPES OF INFORMATION COLLECTED
We collect only the personal information reasonably necessary to perform our business functions, including:
• Name, job title, and business contact details
• Organisation and project-related information
• Communications and correspondence
• Limited technical data (e.g. IP address, website usage analytics)
We do not intentionally collect sensitive information unless required for a specific engagement and with explicit consent.
-
COLLECTION METHODS
We collect personal information through:
• Direct interactions (email, phone, website forms)
• Client engagements and contractual relationships
• Secure business systems including SAP and Xero
• Website analytics and standard internet technologies
Where reasonable and practicable, we collect information directly from the individual.
-
PURPOSE OF COLLECTION AND USE
We use personal information strictly for legitimate business purposes, including:
• Delivering consulting services
• Managing contracts and client relationships
• Financial management and invoicing
• Project delivery and resource management
• Meeting legal, regulatory, and contractual obligations
We do not use personal information for unrelated secondary purposes without consent.
-
DATA MINIMISATION AND RETENTION
We apply data minimisation principles and only retain personal information:
• For as long as required to fulfil the purpose of collection
• To comply with legal and contractual obligations
• In accordance with financial record retention requirements (typically 7 years)
Data is securely destroyed or de-identified when no longer required.
-
DISCLOSURE OF PERSONAL INFORMATION
We may disclose personal information to:
• Employees and authorised contractors
• Trusted service providers (e.g. IT hosting, accounting systems)
• Professional advisers (legal, accounting)
• Government or regulatory bodies, where required by law
All third parties are required to handle personal information in accordance with applicable privacy obligations.
-
CROSS-BORDER DATA TRANSFERS
In the unlikely event that personal information may be stored or processed outside Australia (e.g. cloud services), we take reasonable steps to ensure compliance with the Australian Privacy Principles, including:
• Using reputable providers with strong security controls
• Ensuring contractual or equivalent safeguards are in place
-
INFORMATION SECURITY
We implement reasonable technical and organisational security controls, including:
• Access controls and authentication measures
• Use of secure, reputable platforms (including SAP and Xero)
• Protection against unauthorised access, loss, or misuse
• Staff awareness of confidentiality obligations
While we take reasonable steps, no system can be guaranteed to be completely secure.
-
NOTIFIABLE DATA BREACHES
We comply with the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988 (Cth).
In the event of an eligible data breach, we will:
• Promptly assess the incident
• Notify affected individuals where required
• Notify the Office of the Australian Information Commissioner (OAIC) as required
-
ACCESS AND CORRECTION
Individuals may request access to or correction of their personal information.
Requests should be submitted via email and will be handled within a reasonable timeframe, subject to legal and contractual constraints.
-
WEBSITE ANALYTICS & COOKIES
Our website uses analytics tools to:
• Improve functionality and performance
• Analyse website usage
Our website may use minimal technical cookies or similar technologies necessary for basic functionality. We do not use cookies for advertising or tracking purposes.
-
COMPLAINTS AND ESCALATION
If you believe we have breached the Australian Privacy Principles, you may contact us in writing.
We will:
• Acknowledge your complaint promptly
• Investigate and respond within a reasonable timeframe
If you are not satisfied with our response, you may escalate your complaint to the Office of the Australian Information Commissioner (OAIC).
-
CONTACT DETAILS
Gain IT & T Consulting Pty Ltd
Email: enquiries@gainconsulting.com.au
-
POLICY GOVERNANCE AND UPDATES
This policy is reviewed periodically to ensure ongoing compliance with applicable laws and client expectations. The latest version will always be available on our website.
Last updated: April 2026